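<?php
// Admin page: lists customer accounts and handles account deletion.
// config.php is expected to open the MySQL connection used by the mysql_* calls below.
require("../storescripts/config.php");
// The session must be started before $_SESSION can be read.
session_start();

// Gate 1: without a complete manager session, send the visitor to the login form.
// All three keys are read below, so a partially populated session is treated
// the same as a missing one instead of raising undefined-index notices.
if (!isset($_SESSION["manager"], $_SESSION["id"], $_SESSION["password"])) {
    header("location: admin_login.php");
    exit();
}

// Gate 2: re-check the session identity against the admin table on every request.
// Each value is reduced to a fixed character set before it is placed in the SQL
// string; that whitelist is what keeps quote characters out of the query.
$managerID = preg_replace('#[^0-9]#i', '', (string) $_SESSION["id"]); // digits only
$manager = preg_replace('#[^A-Za-z0-9]#i', '', (string) $_SESSION["manager"]); // letters and digits only
// NOTE(review): the session carries a "password" value that is compared with the
// admin.password column as-is. Whether that value is a hash or the plaintext
// password cannot be told from this file - confirm in admin_login.php. Because
// it is stripped to letters and digits, it can only match a stored value that
// is purely alphanumeric.
$password = preg_replace('#[^A-Za-z0-9]#i', '', (string) $_SESSION["password"]);

$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
// A failed query (false) is counted as "no matching row", so the page fails
// closed rather than handing false to mysql_num_rows().
$existCount = ($sql === false) ? 0 : (int) mysql_num_rows($sql);
if ($existCount === 0) {
    echo "Your login session data is not on record in the database.";
    exit();
}
?>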
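<?php
// Account deletion, driven by two query-string parameters:
//   ?deleteid=N   emits a JavaScript confirm() prompt
//   ?yesdelete=N  deletes customer N and returns to the list
// Both values arrive straight from the URL, so each is accepted only when it is
// a plain run of decimal digits before it is echoed into the page or placed in
// SQL. Ids are assumed to be decimal integers (the list links pass the
// customers.id column) - TODO confirm against the schema.
//
// NOTE(review): the delete is still triggered by a GET request that carries no
// per-session token, so any page the logged-in manager opens can request
// account_list.php?yesdelete=N on their behalf. Moving the delete to a POST
// form with a session-bound token would close that gap; it also needs the
// "delete" links in the list to change, so it is not done in this block.
if (isset($_GET['deleteid'])) {
    $confirm_id = $_GET['deleteid'];
    // The value is written into a JavaScript string below. Echoing the raw
    // parameter there would let a crafted link run script in the manager's
    // browser, so anything that is not a plain id goes back to the list.
    if (!is_string($confirm_id) || !preg_match('#^[0-9]+\z#', $confirm_id)) {
        header("location: account_list.php");
        exit();
    }
?>
    <script language="javascript">
    // prompt for the admin to confirm deletion
    if (window.confirm("Are you sure you want to delete that record?")) {
        document.location = "account_list.php?yesdelete=<?php echo $confirm_id; ?>";
    } else {
        document.location = "account_list.php";
    }
    </script>
<?php
    exit();
}
if (isset($_GET['yesdelete'])) {
    $id_to_delete = $_GET['yesdelete'];
    // Same whitelist as above: only digits ever reach the SQL string, so the
    // value cannot close the quote and append SQL of its own.
    if (!is_string($id_to_delete) || !preg_match('#^[0-9]+\z#', $id_to_delete)) {
        header("location: account_list.php");
        exit();
    }
    // Remove the customer row from the database.
    $deleted = mysql_query("DELETE FROM customers WHERE id='$id_to_delete' LIMIT 1");
    if ($deleted === false) {
        // Keep the driver's error text in the server log instead of sending it
        // to the browser, where it would expose schema details.
        error_log("account_list.php: customer delete failed: " . mysql_error());
        die("The account could not be deleted.");
    }

    header("location: account_list.php");
    exit();
}
?>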
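<?php
// Build the HTML table rows for every customer account. The result is a string
// of ready-made markup that the template prints inside its <table>.
$account_list = "";
$sql = mysql_query("SELECT * FROM customers");
if ($sql === false) {
    // Log the driver error server-side; the browser only gets a generic message.
    error_log("account_list.php: customer list query failed: " . mysql_error());
    $account_list = "The account list could not be loaded.";
} elseif (mysql_num_rows($sql) > 0) {
    while ($row = mysql_fetch_array($sql)) {
        // These columns hold free text (presumably typed in by customers when
        // they register). They are HTML-escaped so a stored value is rendered
        // as text and cannot inject markup or script into the admin's page.
        $id_html = htmlspecialchars($row["id"], ENT_QUOTES, 'UTF-8');
        // urlencode() leaves only URL-safe characters, which are also safe
        // inside the single-quoted href attributes below.
        $id_url = urlencode($row["id"]);
        $account_name = htmlspecialchars($row["u_name"], ENT_QUOTES, 'UTF-8');
        $first_name = htmlspecialchars($row["f_name"], ENT_QUOTES, 'UTF-8');
        $last_name = htmlspecialchars($row["l_name"], ENT_QUOTES, 'UTF-8');
        $email = htmlspecialchars($row["email"], ENT_QUOTES, 'UTF-8');
        $account_list .= "
			<tr align='center'>
			<td>$id_html</td>
			<td>$account_name</td>
			<td>$first_name&nbsp;$last_name</td>
			<td>$email</td>
			<td><a href='account_edit.php?pid=$id_url'>edit</a> &bull; <a href='account_list.php?deleteid=$id_url'>delete</a><br /></td>
			</tr>";
    }
} else {
    $account_list = "You have no users created.";
}
?>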


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>User Accounts List</title>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="../css/style.css" type="text/css" media="screen" />
</head>

<body>
<!-- Main Shell -->
<div class="shell">
	
  <!-- Header -->
  <div id="header"><h1 id="logo"><a href="index.php">Luvo Fashion</a></h1>
	<div align="right" style="padding-right:5px; padding-top:40px;">
		<a style="color:#ccc;" href="index.php">Back</a>&nbsp; |
		<a style="color:#ccc;" href="logout.php">Logout</a>
	</div>
  </div>
  <!-- End Header -->

  <!-- Main -->
  <div id="main">
    <br/>
  	<div align="right"><a href="account_form.php">+ Create New User Account</a></div>
    <br />
	<h1>User Accounts List</h1>
    <div align="center" style=" padding-top:10px; line-height:2em;">
	<table width="80%" border="1" cellspacing="0" cellpadding="1">
			<tr align="center">
				<td class="cartTable">Customer ID</td>
				<td class="cartTable">Username</td>
				<td class="cartTable">Name</td>
				<td class="cartTable">Email</td>
				<td class="cartTable">Actions</td>
			</tr>
        <br />
        <?php
        // NOTE(review): $account_list is printed as raw HTML. It is pre-built
        // markup, so every database value inside it has to be HTML-escaped at
        // the point where the rows are assembled; nothing is escaped here.
        echo $account_list; ?>
		</table>
	</div>
    <br  />
    <br />
    
  </div>
<!-- End Main -->
  
<!-- Footer -->
   <div style="padding-top:5px;" id="footer">
    <p class="left">Manage Accounts</p>
    <p class="right"> &copy; 2010 Luvo Fashion.</p>
    </div>
<!-- End Footer -->

</div>
<!-- End Shell -->

</body>
</html>
